Apple: Developer Site Targeted In Security Attack, Still Down
An anonymous reader writes "Apple has informed developers that an intruder gained access to its developer site database. Quoted email from Apple: 'Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then. In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.'"
contact information out in the open (Score:0, Interesting)
So is sensitive information only your credit card data?
Interesting timing... (Score:5, Interesting)
Interesting timing. Wonder if it was related/coordinated to the Ubuntu forums attacks.
http://it.slashdot.org/story/13/07/21/0318243/ubuntuforumsorg-hacked
Re:Interesting timing... (Score:5, Interesting)
Purpose of the attack (Score:3, Interesting)
I'm thinking of the purpose of this attack:
* Software stealing
* Account hijacking: use the certificate to publish fake apps and get money
* New software: tomorrow may be the day that Apple will release iOS 7 Beta 4 and OS X Mavericks
Which one? (Score:2, Interesting)
Spirit of transparency or because there is an entire site down without any other reason?
Why take the site down? (Score:3, Interesting)
If the attacker didn't successfully get in, why is Apple completely revamping the site? When I ran a small website it got attacked every day; I can't even imagine how many people try to get into Apple's systems. So what's so different about this one? Something doesn't add up.
The data was taken and was partially unencrypted (Score:5, Interesting)
I have my own domain name, and suffice it to say it is unique. It is 8 characters and unless the attackers brute-forced my name and the domain name, data was definitely taken unencrypted. I have not published anything to the app store yet; my website doesn't talk about any apps. As far as anyone who develops for iPhones knows, my personal development account doesn't exist.
Throughout the day Thursday I had 4 password reset attempts on this Apple ID. I immediately changed my password the legit way to something much stronger than I had it, but that's beside the point - there are really only two vectors for someone to have gotten my developer account info: through the Apple breach, through email harvesters, or through past business contacts (I have developed for other people, but not published under myself).
Considering the timing, I think we can assume it was obtained through the Apple breach. I consider the data compromised. I'm going to go so far as to re-generate ALL of my provisioning, etc. certificates and I advise anyone else to do so when the site comes back up.
Video about the download (Score:3, Interesting)
I've got to dash to work, but here goes the link to the video where he shows what he did.
http://www.youtube.com/watch?v=q000_EOWy80
ac